@@ -28,7 +28,7 b' import traceback' | |||
|
28 | 28 | import formencode |
|
29 | 29 | from formencode import htmlfill |
|
30 | 30 | |
|
31 | from webob.exc import HTTPInternalServerError | |
|
31 | from webob.exc import HTTPInternalServerError, HTTPForbidden | |
|
32 | 32 | from pylons import request, session, tmpl_context as c, url |
|
33 | 33 | from pylons.controllers.util import redirect |
|
34 | 34 | from pylons.i18n.translation import _ |
@@ -37,7 +37,8 b' from sqlalchemy.exc import IntegrityErro' | |||
|
37 | 37 | import rhodecode |
|
38 | 38 | from rhodecode.lib import helpers as h |
|
39 | 39 | from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator, \ |
|
40 | HasPermissionAnyDecorator, HasRepoPermissionAllDecorator | |
|
40 | HasPermissionAnyDecorator, HasRepoPermissionAllDecorator, NotAnonymous,\ | |
|
41 | HasPermissionAny, HasReposGroupPermissionAny | |
|
41 | 42 | from rhodecode.lib.base import BaseRepoController, render |
|
42 | 43 | from rhodecode.lib.utils import invalidate_cache, action_logger, repo_name_slug |
|
43 | 44 | from rhodecode.lib.helpers import get_token |
@@ -61,7 +62,6 b' class ReposController(BaseRepoController' | |||
|
61 | 62 | # map.resource('repo', 'repos') |
|
62 | 63 | |
|
63 | 64 | @LoginRequired() |
|
64 | @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository') | |
|
65 | 65 | def __before__(self): |
|
66 | 66 | c.admin_user = session.get('admin_user') |
|
67 | 67 | c.admin_username = session.get('admin_username') |
@@ -148,7 +148,7 b' class ReposController(BaseRepoController' | |||
|
148 | 148 | |
|
149 | 149 | return render('admin/repos/repos.html') |
|
150 | 150 | |
|
151 | @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository') | |
|
151 | @NotAnonymous() | |
|
152 | 152 | def create(self): |
|
153 | 153 | """ |
|
154 | 154 | POST /repos: Create a new item""" |
@@ -160,6 +160,20 b' class ReposController(BaseRepoController' | |||
|
160 | 160 | form_result = RepoForm(repo_groups=c.repo_groups_choices, |
|
161 | 161 | landing_revs=c.landing_revs_choices)()\ |
|
162 | 162 | .to_python(dict(request.POST)) |
|
163 | #we check ACLs after form, since we want to display nicer errors | |
|
164 | #if form forbids creation of repos inside a group we don't have | |
|
165 | #perms for | |
|
166 | if not HasPermissionAny('hg.admin', 'hg.create.repository')(): | |
|
167 | #you're not super admin nor have global create permissions, | |
|
168 | #but maybe you have at least write permission to a parent group ? | |
|
169 | parent_group = request.POST.get('repo_group') | |
|
170 | _gr = RepoGroup.get(parent_group) | |
|
171 | gr_name = _gr.group_name if _gr else None | |
|
172 | if not HasReposGroupPermissionAny('group.admin', 'group.write')(group_name=gr_name): | |
|
173 | msg = _('no permission to create repository in root location') | |
|
174 | raise formencode.Invalid('', form_result, None, | |
|
175 | error_dict={'repo_group': msg}) | |
|
176 | ||
|
163 | 177 | new_repo = RepoModel().create(form_result, |
|
164 | 178 | self.rhodecode_user.user_id) |
|
165 | 179 | if form_result['clone_uri']: |
@@ -181,16 +195,8 b' class ReposController(BaseRepoController' | |||
|
181 | 195 | self.sa) |
|
182 | 196 | Session().commit() |
|
183 | 197 | except formencode.Invalid, errors: |
|
184 | ||
|
185 | c.new_repo = errors.value['repo_name'] | |
|
186 | ||
|
187 | if request.POST.get('user_created'): | |
|
188 | r = render('admin/repos/repo_add_create_repository.html') | |
|
189 | else: | |
|
190 | r = render('admin/repos/repo_add.html') | |
|
191 | ||
|
192 | 198 | return htmlfill.render( |
|
193 | r, | |
|
199 | render('admin/repos/repo_add.html'), | |
|
194 | 200 | defaults=errors.value, |
|
195 | 201 | errors=errors.error_dict or {}, |
|
196 | 202 | prefix_error=False, |
@@ -201,7 +207,9 b' class ReposController(BaseRepoController' | |||
|
201 | 207 | msg = _('error occurred during creation of repository %s') \ |
|
202 | 208 | % form_result.get('repo_name') |
|
203 | 209 | h.flash(msg, category='error') |
|
204 | return redirect(url('repos')) | |
|
210 | if c.rhodecode_user.is_admin: | |
|
211 | return redirect(url('repos')) | |
|
212 | return redirect(url('home')) | |
|
205 | 213 | #redirect to our new repo ! |
|
206 | 214 | return redirect(url('summary_home', repo_name=new_repo.repo_name)) |
|
207 | 215 | |
@@ -213,10 +221,7 b' class ReposController(BaseRepoController' | |||
|
213 | 221 | GET /repos/new: Form to create a new item |
|
214 | 222 | """ |
|
215 | 223 | |
|
216 | new_repo = request.GET.get('repo', '') | |
|
217 | 224 | parent_group = request.GET.get('parent_group') |
|
218 | ||
|
219 | c.new_repo = repo_name_slug(new_repo) | |
|
220 | 225 | self.__load_defaults() |
|
221 | 226 | ## apply the defaults from defaults page |
|
222 | 227 | defaults = RhodeCodeSetting.get_default_repo_settings(strip_prefix=True) |
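Review bot: Dropping `@HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')` from `__before__` removes the permission gate from every action of ReposController, not only `create`; `__before__` is left with `@LoginRequired()` alone. The hunks show `create` gaining `@NotAnonymous()` and an inline check, but the other actions lie outside the visible hunks, so each one needs confirming to carry its own permission decorator. Inside `create`, the group check reads `request.POST.get('repo_group')` while `RepoModel().create` consumes `form_result`; checking the validated value instead, e.g. `parent_group = form_result.get('repo_group')` (assuming the form exposes it under that key), keeps the authorised group and the created-in group the same. The same fallback block is repeated in `SettingsController.create_repository`, so a shared helper would keep the two checks from drifting apart.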
@@ -37,7 +37,8 b' from pylons.i18n.translation import _' | |||
|
37 | 37 | |
|
38 | 38 | from rhodecode.lib import helpers as h |
|
39 | 39 | from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator, \ |
|
40 | HasPermissionAnyDecorator, NotAnonymous | |
|
40 | HasPermissionAnyDecorator, NotAnonymous, HasPermissionAny,\ | |
|
41 | HasReposGroupPermissionAll, HasReposGroupPermissionAny | |
|
41 | 42 | from rhodecode.lib.base import BaseController, render |
|
42 | 43 | from rhodecode.lib.celerylib import tasks, run_task |
|
43 | 44 | from rhodecode.lib.utils import repo2db_mapper, invalidate_cache, \ |
@@ -54,6 +55,7 b' from rhodecode.model.notification import' | |||
|
54 | 55 | from rhodecode.model.meta import Session |
|
55 | 56 | from rhodecode.lib.utils2 import str2bool, safe_unicode |
|
56 | 57 | from rhodecode.lib.compat import json |
|
58 | from webob.exc import HTTPForbidden | |
|
57 | 59 | log = logging.getLogger(__name__) |
|
58 | 60 | |
|
59 | 61 | |
@@ -484,9 +486,17 b' class SettingsController(BaseController)' | |||
|
484 | 486 | return render('admin/users/user_edit_my_account_pullrequests.html') |
|
485 | 487 | |
|
486 | 488 | @NotAnonymous() |
|
487 | @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository') | |
|
488 | 489 | def create_repository(self): |
|
489 | 490 | """GET /_admin/create_repository: Form to create a new item""" |
|
491 | new_repo = request.GET.get('repo', '') | |
|
492 | parent_group = request.GET.get('parent_group') | |
|
493 | if not HasPermissionAny('hg.admin', 'hg.create.repository')(): | |
|
494 | #you're not super admin nor have global create permissions, | |
|
495 | #but maybe you have at least write permission to a parent group ? | |
|
496 | _gr = RepoGroup.get(parent_group) | |
|
497 | gr_name = _gr.group_name if _gr else None | |
|
498 | if not HasReposGroupPermissionAny('group.admin', 'group.write')(group_name=gr_name): | |
|
499 | raise HTTPForbidden | |
|
490 | 500 | |
|
491 | 501 | acl_groups = GroupList(RepoGroup.query().all(), |
|
492 | 502 | perm_set=['group.write', 'group.admin']) |
@@ -494,8 +504,6 b' class SettingsController(BaseController)' | |||
|
494 | 504 | c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) |
|
495 | 505 | choices, c.landing_revs = ScmModel().get_repo_landing_revs() |
|
496 | 506 | |
|
497 | new_repo = request.GET.get('repo', '') | |
|
498 | parent_group = request.GET.get('parent_group') | |
|
499 | 507 | c.new_repo = repo_name_slug(new_repo) |
|
500 | 508 | |
|
501 | 509 | ## apply the defaults from defaults page |
@@ -504,7 +512,7 b' class SettingsController(BaseController)' | |||
|
504 | 512 | defaults.update({'repo_group': parent_group}) |
|
505 | 513 | |
|
506 | 514 | return htmlfill.render( |
|
507 |
render('admin/repos/repo_add |
|
|
515 | render('admin/repos/repo_add.html'), | |
|
508 | 516 | defaults=defaults, |
|
509 | 517 | errors={}, |
|
510 | 518 | prefix_error=False, |
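Review bot: In `create_repository`, `parent_group` is taken from the query string and handed to `RepoGroup.get()` without validation, so a malformed value reaches the lookup; what the lookup does with such a value is not visible in these hunks. Normalising it first keeps the permission check working on either a known group id or the root case. A comment above `gr_name = _gr.group_name if _gr else None`, such as `# None = root location (or unknown group); expected to be denied without global create permission`, would document that the 403 for a missing group relies on how `HasReposGroupPermissionAny` treats `group_name=None`. This check only gates display of the form; the POST handled by `ReposController.create` remains the enforcement point.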
@@ -6,9 +6,15 b'' | |||
|
6 | 6 | </%def> |
|
7 | 7 | |
|
8 | 8 | <%def name="breadcrumbs_links()"> |
|
9 | %if c.rhodecode_user.is_admin: | |
|
9 | 10 | ${h.link_to(_('Admin'),h.url('admin_home'))} |
|
10 | 11 | » |
|
11 | 12 | ${h.link_to(_('Repositories'),h.url('repos'))} |
|
13 | %else: | |
|
14 | ${_('Admin')} | |
|
15 | » | |
|
16 | ${_('Repositories')} | |
|
17 | %endif | |
|
12 | 18 | » |
|
13 | 19 | ${_('add new')} |
|
14 | 20 | </%def> |
@@ -9,8 +9,8 b'' | |||
|
9 | 9 | <label for="repo_name">${_('Name')}:</label> |
|
10 | 10 | </div> |
|
11 | 11 | <div class="input"> |
|
12 |
${h.text('repo_name',c |
|
|
13 | %if not h.HasPermissionAll('hg.admin')('repo create form'): | |
|
12 | ${h.text('repo_name',class_="small")} | |
|
13 | %if not c.rhodecode_user.is_admin: | |
|
14 | 14 | ${h.hidden('user_created',True)} |
|
15 | 15 | %endif |
|
16 | 16 | </div> |
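Review bot: The hidden `user_created` field is still emitted for non-admins, but its only visible reader, the `request.POST.get('user_created')` branch in `ReposController.create`, is removed by this same commit. If nothing else reads it, the `%if not c.rhodecode_user.is_admin:` block can go. If something does still read it, that code should not base any decision on it, because the value is supplied by the client.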
@@ -7,12 +7,10 b'' | |||
|
7 | 7 | </h5> |
|
8 | 8 | %if c.rhodecode_user.username != 'default': |
|
9 | 9 | <ul class="links"> |
|
10 | %if h.HasPermissionAny('hg.admin','hg.create.repository')(): | |
|
10 | %if h.HasPermissionAny('hg.admin','hg.create.repository')() or h.HasReposGroupPermissionAny('group.write', 'group.admin')(c.group.group_name if c.group else None): | |
|
11 | 11 | <li> |
|
12 | 12 | %if c.group: |
|
13 | %if h.HasReposGroupPermissionAny('group.write', 'group.admin')(c.group.group_name): | |
|
14 | 13 | <span>${h.link_to(_('Add repository'),h.url('admin_settings_create_repository',parent_group=c.group.group_id))}</span> |
|
15 | %endif | |
|
16 | 14 | %else: |
|
17 | 15 | <span>${h.link_to(_('Add repository'),h.url('admin_settings_create_repository'))}</span> |
|
18 | 16 | %endif |
|
1 | NO CONTENT: file was removed |